Ethical Hacking and Information Security. Foundation of Information Security. Detailed Module. Duration. Lecture with Hands On Session: 90 Hours

Transcription

1 Ethical Hacking and Information Security Duration Detailed Module Foundation of Information Security Lecture with Hands On Session: 90 Hours Elements of Information Security Introduction As technology advances, organizations increasingly depend on technology and information assets have evolved into critical components of survival. Ethical hackers are individuals who are generally hired in organizations to perform a trusted and controlled attempt to penetrate into the digital resources of the organization which includes systems, network and applications, using the same tools, thoughts and methodology adopted by malicious attackers. The goal of ethical hackers is to help organizations being proactive and take necessary measures against malicious attacks by attacking system themselves, most importantly staying within the legal limits. This activity comes from a proven practice of trying to catch a thief by thinking like a thief. Module Structure This training module introduces you to Ethical Hacking and Information Security. It presents today's most critical cyber security vulnerabilities and solutions for fixing such vulnerabilities. Information Security Supports the Mission of the Organization As an Integral Element of Sound Management Information Security Should Be Cost-Effective Responsibilities and Accountability Should Be Made Explicit Owners Have Security Responsibilities Outside Organizations Requirement of a Comprehensive and Integrated Approach Periodical Assessment of Information Security Information Security is Constrained by Societal Factors Roles and Responsibilities Senior Management Information Security Management Program and Functional Managers/Application Owners Technology Providers Supporting Functions Users Common Threats: A Brief Overview Errors and Omissions Fraud and Theft Employee Sabotage Loss of Physical and Infrastructure Support Malicious Hackers Industrial Espionage Malicious Code Foreign Government Espionage Threats to Personal Privacy

2 Fundamentals of Computer Networks Introduction to Computer Networks Introduction of Network and Networking Network Devices Networking Ports and Protocols o Well Known TCP and UDP Ports Routing and Switching Various Networking Aspects Assembling and Cabling of Network Devices Routing Technology o Networking Topology o Transmission Modes IP Addressing and Subnetting Machine Identification: MAC Addresses Implementing Basic Security Firewall o Stopping Malware s spread o Packet filtering o Traffic Monitoring Proxy Server OSI Reference Model: Open System Interconnection/Interface Introduction to OSI Model Layers of OSI Model o Responsibility of each layer o Protocols used for each layer o Hardware devices for each layer Reasons for Failure of OSI Model TCP/IP Model vs OSI Model Internet Connection Sharing and Bridging Setting up ICS Restricting and Limiting Network Users Concepts of Computer Virtualization Introduction to Virtual Machines and Virtualization Concept of Virtualization Need and Advantages of Virtualization Installation and Configuration Requirements o Hardware Requirements o Software Requirements Installation and Configuration Performance Optimization o Performance in a Virtualized Environment o CPU & Memory Performance o Guidelines for Resources and Access Control o Network Performance Optimization Host to Host Networking Host to LAN Networking o Storage Performance o Virtual Machine Performance o Application Performance Security Implementation Security Implementation o Fixing via Patches o Optional IDS/IPS Installation o Logging and Error Checking Troubleshooting Network Troubleshooting Memory Troubleshooting Storage Troubleshooting Data Security and Backup o Backup of Data o Backup of Virtual Machine Removing and Uninstalling of Virtual Machine

3 Basics of Windows Security Introduction to Windows Security Overview of Windows OS Windows File System Security Architecture in Windows o Local Security Authority o Security Account Manager o Security Reference Monitor User Account Security Password Attacks in Windows o Bruteforcing, Dictionary and Rainbow Table Attacks Account Security Strengthening o Strong Password Policy o Additional Security: Syskey Encryption o User Account Control : Parental Controls o Restricting BIOS Setup Services, Port and Protocol Security Auditing and Monitoring Network Connections Restricting Ports, Protocols and Services Windows Firewall with Advance Restrictions Data Security with Cryptography Securing Data by Using EFS and BitLocker File and Folder Permissions Alternate Data Streams Encrypting Office Documents Security Applications in Windows Auditing and Monitoring Windows Auto Startup Defending Windows via Windows Defender Policy Management with MBSA File and Folder Scanning with MSSE Basics of Unix-Linux Security Introduction to Unix-Linux Security Overview to Unix-Linux Operating System Linux File System Minimizing the Security Risks during Installation o Minimal Application Selection o Secure Partitioning o Securing GRUB User Account Security Password Attacks in Linux o Single User Mode o Bruteforcing Attack o Kernel Bypassing User Account Security Strengthening o Strong Password Policy o No GUI Login Policy for Root o GRUB Menu Protection o Restricting BIOS Setup Services, Port, Protocol Security Auditing and Monitoring Network Connections Restricting Ports, Protocols and Services Firewall with Advance Restrictions Configuring Trusted Repository Data Security with Cryptography Securing Data by Using TCFS File and Folder Permissions Encrypting Office Documents Security Applications in Linux Auditing and Monitoring CRON Checking File System Data Integrity Tripwire COPS: Computer Oracle and Password System

4 Introduction to Computer Malware Introduction to Computer Malware Overview Malware: Malicious Software Proliferation and Purposes Types of Malware o Virus: Vital Information Resources Under Seize o Worm: Write Once Read Multiple o Trojan Horse, Rootkit o Spyware, Keystroke Logger Virus and Worm: Infectious Malware Significance of Virus and Worm Behavioral Activity of Virus and Worm Virus and Worm Development o By Automated Tools o Coding own Viruses and Worms Trojan Horse: Concealment Overview of Trojan Trojan Attack o Direct Connection o Reverse Connection Injection in System Files Keystroke Loggers: Malware for profit Overview of Keystroke Logger User s Credentials Theft o On Spot Checking o Getting Logs on Mail Remote Installation Detection and Removal of Malware Anti Malware Tools Manual Removal of Malwares Secure Communication with Cryptography Introduction to Cryptography and Secure Communication Introduction to Secure Communication, Cryptography Unani s Cryptography: World s First Cryptography Technology Types of Cryptography o Public Key Cryptography o Private Key Cryptography Introduction to Hashing, One Way Functions and Commitment Secure Socket Layer: SSL Introduction to SSL/TLS Technology Advantage of SSL/TLS Session Management Secure Shell: SSH Overview to SSH and Key Management Security Mechanism Kerberos: The Network Authentication Protocol Description of Kerberos o User Client-based Logon o Client Authentication o Client Service Authorization o Client Service Request Drawbacks and Limitations Secure FTP: SFTP Overview of SFTP o SFTP Client o SFTP Server o SFTP Proxy Digital Signatures and Certificates Overview of Digital Signatures and Certificates Pros and Cons

5 Introduction to Network Security Network Security What is Security? Why security is necessary in network? Threats to Network Confidentiality o Network Reconnaissance o Network Sniffing Integrity o ARP Poisoning o DNS Spoofing Availability o Denial of Service o Distributed Denial of Service Components in Network Security Firewall o Types of Firewall Intrusion Detection System (IDS) Intrusion Prevention System (IPS) Proxy Servers Demilitarized Zone o Honey Pots Operations in Network Security Network Mapping o Ping Sweep o Network Enumeration Network Inventory Management Port Scanning Service Scanning: Vulnerable Services Packet Data Monitoring Fundamentals of Wireless LAN Security Introduction to Wireless LAN Security Technology used in Wireless LAN General security threats Overview of Wireless LAN Security Network Enumeration War Walking War Driving War Flying De-authentication Phase MAC Address Spoofing IP Address Binding Attacks on Wireless LAN Eavesdropping Sniffing Man in the Middle Attack ARP Poisoning Attack DNS Poisoning Attack Getting Access of Wireless LAN WEP Key Cracking WPA De-authentication Attacks Putting Breaks on Hackers Changing the Default Settings Cloaking the SSID MAC Filtering Static IP Configuration MAC IP Binding Increasing Security Encryption

6 Application Reverse Engineering Why to & What to Reverse Engineering Reverse Engineering as a Function Need and Benefits of Reverse Engineering Introduction to Assembly Language Role of Assembly Language in Reverse Engineering Concept of Debuggers and Dis-assemblers Binary Code to Assembly Code Conversion Understanding Data Flow Introduction to Address Registers and Data Registers Step Over view of Data flow Step Into view of Data flow Getting into Data Flow Monitoring CPU and Stack Flow Memory Enumeration String Extraction Software Code Changing Patch Generation Few Principles of Software Security Encryption Online Key Checking Fake Checking Points DLL Breakpoints Exploiting Computer Memory Architecture Intel x86 Architecture Introduction to Machine Language Registers Stack and Procedure Calls Storing Local Variables Calling Conventions and Stack Frames Process Memory Layout Buffer Overflow Exploitation Stack Overflow and Exploitation Terminologies o Exploit o Payload Understanding Simple Overflow o Writing a C program o Detecting the Overflow Countermeasures to Buffer Overflow Exploitation MetaSploit Framework Introduction to MSF: MetaSploit Framework MSF Installation and Configuration Getting Familiar with MSF o Using Console o Using WebGUI Client Side Exploitation with MSF MS Word Adobe PDF Reader Remote Exploitation with MSF Microsoft Windows XP NetBIOS

7 An Eye Opener to Cyber Social Media Security Introduction to Cyber Social Media Cyber Social Life: Now and Then Advantages of Cyber Social Life Disadvantages of Cyber Social Life Major Social Networking Providers Cyber Social Media Threats Social Engineering o Human Based Social Engineering o Computer Based Social Engineering Fake s Keystroke Loggers Phishing o Hidden Frames o URL Obfuscation o HTML Image Mapping Identity Theft Securing Your Cyber Social Life Awareness is the Key Security o Detecting Fake s o Creating Account Filters Online Account Security o Strong Password Setup o Designing Account Recovery Mechanism o Secure Logout o Browser Remember Password Recognizing Phishing Websites Security from Malware Google Best Friend of a Hacker Working of Google and its methodology Introduction to Crawlers, Bots Caching Process of Crawlers Various Roles of Google as a Friend of Hacker Advance Google Search Operators Hacking Tool o Significance of Google Hacking o Anonymity with Google o Using Google as a Proxy Server Directory Traversal Tool o Finding Directory Listings o Locating Specific Directories Vulnerable Website Locator o Locating via Company Tags o Locating via Web Applications o Locating via Common Names Various Attacks with the help of Google Password Harvesting Controlling CCTV Camera Tools for Google Hacking Gooscan Goolink Scanner URL Harvester

8 Getting Started with Web Application Security Introduction to Web Application Security Concept of Web Server and Database Server Introduction to Risk Assessment and Threat Modeling Authentication and Authorization Mechanism Session Management in Web Applications Confidentiality, Integrity and Availability Injection Based Attacks and Countermeasures SQL Injection Types of SQL Injection o Form Based o URL Based-Blind SQL Injection HTML Injection (Cross Site Scripting) XSS Types of XSS Attacks o Stored XSS or Persistent XSS o Reflected XSS or Non-Persistent XSS o DOM Based XSS Code Injection o Remote Code Execution Introduction to other Miscellaneous Web Based Attacks Google Hacking: Notice Google s Power Application Username Enumeration Web Based Brute Forcing Anonymous Web Application Crawling Insecure Cryptographic Storage Broken Authentication and Session Management Few Principles of Web Application Security Minimize Attack Surface Area Secure Defaults Principle of Least Privileges Defense in Depth Getting Familiar with Indian Cyber Law Introduction to Cyber Introduction to Cyber, Cyberspace Boundary line of Cyber and Cyberspace Cyber Law: Need of Cyber World Introduction & need of Cyber Law Jurisprudence of Cyber Law Evolution of Key Terms and Concepts No Men s Land between Legal and Illegal Cyber Crime and Criminals Introduction to Cyber Crime Nature, Mindset, Psychology of Cyber Criminal Classification of the Hackers: On the behalf of Working o Hacktivists o Black Hat Hackers o Grey Hat Hackers o White Hat Hackers Classification of Hackers: On the behalf of Knowledge o Coders o Admins o Script Kiddies Why Hackers Hack?? Indian Cyber Law Introduction to IT Act 2000 Amendment 2008 Under Umbrella of IT Act 2000 o Cyber Crimes o Electronic and Digital Signatures o Intellectual Property o Data Protection and Property Limitations of IT Act 2000